Screen is used to run interactive programs in the background so that we can log out of the server while they keep running. We can also re-attach to an existing screen session to check the progress of the running programs.
Sometimes server admins need to run commands as a different user, so they "su" to that user and then start screen.
root@server [~]# su - user1
user1@server [~]# screen
Cannot open your terminal '/dev/pts/0' - please check.
As you can see, after changing the identity to 'user1', you cannot run screen; instead it exits with the error message:
Cannot open your terminal '/dev/pts/0' - please check.
This indicates that 'user1' doesn't have access to the /dev/pts/0 file.
This is because the terminal is owned by the user (root) who opened the session. Even if you su to another user (user1), the terminal is still owned by the original user (root), hence the error.
Here are the permission and ownership of the terminal:
# ls -la /dev/pts/0
crw--w---- 1 root tty 136, 0 Oct 28 04:34 /dev/pts/0
As you can see, 'user1' has no permission to read or write to the file. The file is only readable by root and writable by root and the tty group.
There are 4 different solutions, listed below, of which the 1st and 2nd are not recommended. They are a security risk and should only be used if you want to perform a very small task.
With the first 2 solutions, you may end up giving an unprivileged user access to a privileged login if you don't revert the changes.
1) Set read/write permissions for 'all' on the terminal device in question, which is /dev/pts/0 in our case. This way you can su to any user and run a screen session as that user.
# chmod a+rw /dev/pts/0
2) Give the 'tty' group read permission and then add the user (in our case 'user1') to the 'tty' group in the /etc/group file.
# chmod g+r /dev/pts/0
Open the /etc/group file and search for tty:x:5: , then add the username at the end of the line so that the user becomes a member of the 'tty' group:
tty:x:5:user1
Make sure you remove the user from the tty group once you complete your task.
3) This is the safest solution and is recommended. Set a strong password for user1, SSH in directly as that user and run the screen session under it.
4) This is an alternative to the 3rd solution.
a) Start a screen session as root
b) Change to user1 with the su command
c) Execute your scripts/commands
d) Detach (don't terminate) from the screen using Ctrl+a followed by d
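
If you did use solution 1 or 2, a check like the following confirms that the change was reverted afterwards. This is an added example, not part of the original post; the function names are hypothetical, and it assumes GNU stat and the default mode 620 (crw--w----) shown in the ls output above.

```sh
#!/bin/sh
# Added example (not from the original post): verify that the temporary
# changes from solutions 1 and 2 were reverted. Function names are hypothetical.
# Assumes GNU stat (`stat -c %a`) and a group(5)-format file.

# Classify an octal mode string for a pts device. The default shown in the
# post is crw--w---- (620): owner read/write, tty group write-only.
classify_tty_mode() {
    local mode="$1"
    case "$mode" in
        ''|*[!0-7]*) echo "invalid"; return 0 ;;
    esac
    if [ $(( 0$mode & 006 )) -ne 0 ]; then
        echo "world-accessible"     # left over from: chmod a+rw
    elif [ $(( 0$mode & 040 )) -ne 0 ]; then
        echo "group-readable"       # left over from: chmod g+r
    else
        echo "ok"
    fi
}

# Print the users listed as members of the tty group (empty when none).
tty_group_members() {
    awk -F: '$1 == "tty" { print $4 }' "${1:-/etc/group}"
}

# Report leftovers for one device; returns 1 if anything still needs reverting.
audit_tty() {
    local dev="$1" groupfile="${2:-/etc/group}" rc=0 verdict members
    verdict=$(classify_tty_mode "$(stat -c %a "$dev")")
    if [ "$verdict" != "ok" ]; then
        echo "$dev is $verdict; restore with: chmod 620 $dev"
        rc=1
    fi
    members=$(tty_group_members "$groupfile")
    if [ -n "$members" ]; then
        echo "tty group still lists: $members"
        rc=1
    fi
    return $rc
}

# Audit the current terminal only when asked: sh tty_audit.sh --audit
if [ "${1:-}" = "--audit" ]; then
    audit_tty "$(tty)" && echo "terminal mode and tty group are clean"
fi
```

Run it with --audit from the root session once the task is finished; a non-zero exit status means the terminal mode or the tty group line still needs to be restored.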